Security Breach – 13 Sep 2024

13 Sep Security Breach – 13 Sep 2024

One of the most devastating cyberattacks that businesses face today is enjoying a resurgence: ransomware. A complex and destructive cyberattack that can drive a business to its knees quickly, ransomware has been a top threat to businesses in the past few years. However, the rate of attack had plateaued. Not anymore.

Ransomware and business email compromise (BEC) attacks made up 60% of all cyber incidents in Q2 2024, according to a report by Cisco’s Talos Incident Response (Talos IR) arm and that’s bad news for corporate IT professionals and managed service providers. Researchers suggested that attackers may be targeting tech firms as a pathway to other industries, given their critical role in supporting various sectors, including essential infrastructure. Cisco’s experts theorise that organisations in the technology sector may be viewed by bad actors as potential entry points into other industries due to their important role in supporting and servicing a wide range of industries. Retail, healthcare, pharmaceuticals and education rounded out the top five sectors impacted by ransomware in Q2 2024.

Recent Breaches

United States – Centers for Medicare & Medicaid Services – Healthcare

Exploit: Zero Day exploit

Risk to Business: Moderate: Between May 27 and May 31, 2023, a data breach occurred when unauthorised third parties exploited a vulnerability in the MOVEit service, compromising beneficiaries’ personal information, according to the Centers for Medicare & Medicaid Services (CMS). MOVEit’s developer, Progress Software, disclosed the breach on May 31, but the Wisconsin Physicians Service Insurance, a CMS contractor, recently discovered that files containing Medicare claims data and personal information had been affected. CMS and WPS are notifying 946,801 individuals whose data may have been exposed, outlining steps to take in response.